从HTML PHP联系表中删除错误字符 [英] Strip Bad Characters from an HTML PHP Contact Form

问题描述

PHP的新手，但取得了新的进展.我有一个联系表单，该表单将在用户提交后发送电子邮件.现在，我想通过去除不良字符或任何可能破坏电子邮件的内容来改进此表单.该电子邮件将由我阅读，因此我可以从技术上浏览所有垃圾邮件，但我不想这么做.我希望收到一封干净的电子邮件，以用于文档目的.

New to PHP, but making new progress. I have a contact form that will send an email after it has been submitted by the user. Now I want to make this form better, by stripping out bad characters, or anything that could potentially wreck an email. The email will be read by me, so I could technically browse through all the spam, but I don't want to. I want a clean email coming in for documentation purposes.

我正在使用$ _POST数组，这是联系表单的HTML:

I am using the $_POST array, here is the HTML for the contact form:

<form class="form" method="post" action="contact.php">

<p class="name">
  <input type="text" name="name" id="name" />
  <label for="name">Name</label>
</p>

<p class="email">
  <input type="text" name="email" id="email" />
  <label for="email">E-mail</label>
</p>

<p class="web">
  <input type="text" name="web" id="web" />
  <label for="web">Website</label>
</p>

<p class="telephone">
  <input type="text" name="telephone" id="telephone" />
  <label for="telephone">Telephone</label>
</p>

<p class="question">Preferred Contact Method</p>
  <p id="preferred_question">
    <input type="radio" name="contact_option" class="telephone_opt" value="Telephone" />
    <label for="telephone_opt">Telephone</label><br />

    <input type="radio" name="contact_option" class="email_opt" value="Email" />
    <label for="email_opt">Email</label></p>

<p class="question">Describe what you need..</p>
  <p class="text">
    <textarea name="text"></textarea>
</p>

<p class="submit">
  <input type="submit" value="Send" />
</p>

</form>

这是我的contact.php(表单操作文件)

Here is my contact.php (form action file)

<?php
$msg = "Name: " . $_POST['name'] . "<br />";
$msg .= "Email: " . $_POST['email'] . "<br />";
$msg .= "Website: " . $_POST['web'] . "<br />";
$msg .= "Telephone: " . $_POST['telephone'] . "<br />";
$msg .= "Preferred Contact Method: " . $_POST['contact_option'] . "<br />";
$msg .= "Customer Needs: " . $_POST['text'];

$recipient = "support@mysite.com";
$subject = "Contact Has Been Made..";
$mailheaders = "MIME-Version: 1.0" . "\r\n";
$mailheaders .= "Content-type:text/html;charset=iso-8859-1" . "\r\n";
$mailheaders .= "From: <support@mysite.com>" . "\r\n";

mail($recipient, $subject, $msg, $mailheaders);
echo "Thank You!";
?>

推荐答案

尝试将此功能作为一个很好的起点:

Try this function as a good starting point:

function cleanInput($input) {
    // Pass the $_GET, $_POST or $_REQUEST array
    $output = array();

    foreach ($input as $key=>$value) {
        $o = $value;

        // Make sure it's within the max length
        $o = substr($o,0,256);

        // Tidy up line breaks
        $o = preg_replace('/\n{2,}/', "\n\n", $o);
        $o = nl2br($o,FALSE);

        // Strip any odd characters
        $o = preg_replace('/[^A-Za-z0-9\. -\!\?\(\)\<\>\@]/', "", $o);

        // Put the data back in the array
        $output[$key] = $o;
    }

    // Return the array
    return $output;
}

用法: $ post = cleanInput($ _ POST);

然后将 $ _ POST 替换为 $ post : $ _ POST ['name'] 将成为 $ post ['名称'] .

Then replace the $_POSTs with $post: $_POST['name'] would become $post['name'].

这篇关于从HTML PHP联系表中删除错误字符的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！